openSUSE Recommended Update: Recommended update for dovecot22 ______________________________________________________________________________ Announcement ID: openSUSE-RU-2017:1978-1 Rating: moderate References: #1045662 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides Dovecot version 2.2.31, which brings many fixes and enhancements: - Do not generate dhparams smaller than 2048 in FIPS mode. (bsc#1045662) - Removed "(Dovecot)" from added Received headers. Some installations want to hide it, and there's not really any good reason for anyone to have it. - Add ssl_alt_cert and ssl_alt_key settings to add support for having both RSA and ECDSA certificates. - Strip trailing whitespace from headers when matching mails in dsync/imapc and pop3-migration plugin. - Add acl_globals_only setting to disable looking up per-mailbox dovecot-acl files. - Parse invalid message addresses better. This mainly affects the generated IMAP ENVELOPE replies. - Fix potential corruption of dovecot.index.cache that could lead to deleting wrong mail's cache. - Fix crash in mail-crypt-acl plugin. - Fix welcome plugin. - Various fixes to handling mailbox listing. Especially related to handling non-existent autocreated or autosubscribed mailboxes and ACLs. - Global ACL file was parsed as if it was local ACL file. - Only the first forward_* field was working, and only if the first passdb lookup succeeded. - Using mail_sort_max_read_count sometimes caused "Broken sort-* indexes, resetting" errors. - Using mail_sort_max_read_count may have caused very high CPU usage. - Message address parsing could have crashed on invalid input. - imapc_features=fetch-headers wasn't always working correctly and caused the full header to be fetched. - Various bug fixes related to connection failure handling in imapc. - Unnecessary FETCH RFC822.SIZE sent to server when expunging mails if quota=imapc. - Add support for "ns" parameter to quota=count. - Fix incremental syncing for mails that don't have Date or Message-ID headers. - Fix hang when client sends pipelined SEARCH + EXPUNGE/CLOSE/LOGOUT. - Token validation in oauth2 didn't accept empty server responses. - Adjusts Pigeonhole to several changes in the Dovecot API, making it depend on Dovecot v2.2.31. - Fixed bug in handling of implicit keep in some cases. Implicit side-effects, such as assigned flags, were not always applied correctly. - Fixed segmentation fault that could occur when the global script location was left unconfigured. This update was imported from the SUSE:SLE-12:Update update project. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-849=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): dovecot22-2.2.31-5.7.1 dovecot22-backend-mysql-2.2.31-5.7.1 dovecot22-backend-mysql-debuginfo-2.2.31-5.7.1 dovecot22-backend-pgsql-2.2.31-5.7.1 dovecot22-backend-pgsql-debuginfo-2.2.31-5.7.1 dovecot22-backend-sqlite-2.2.31-5.7.1 dovecot22-backend-sqlite-debuginfo-2.2.31-5.7.1 dovecot22-debuginfo-2.2.31-5.7.1 dovecot22-debugsource-2.2.31-5.7.1 dovecot22-devel-2.2.31-5.7.1 dovecot22-fts-2.2.31-5.7.1 dovecot22-fts-debuginfo-2.2.31-5.7.1 dovecot22-fts-lucene-2.2.31-5.7.1 dovecot22-fts-lucene-debuginfo-2.2.31-5.7.1 dovecot22-fts-solr-2.2.31-5.7.1 dovecot22-fts-solr-debuginfo-2.2.31-5.7.1 dovecot22-fts-squat-2.2.31-5.7.1 dovecot22-fts-squat-debuginfo-2.2.31-5.7.1 References: https://bugzilla.suse.com/1045662